Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
File: e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa (raw, json)
Hash identifier: V66DK+Mxd4oyWRN60Ve3SZkm9to+lyKwjjyKDJ28SO4=
Subject key identifier: 7C:9B:32:C9:C2:05:0D:78:52:0A:3B:4F:EE:60:64:D3:CD:C1:7C:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1865DB3BE044AF89606C11A834A856B1AB7DEDBE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
Signing time: Fri 23 May 2025 00:50:06 +0000
ROA not before: Fri 23 May 2025 00:50:06 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:65:db:3b:e0:44:af:89:60:6c:11:a8:34:a8:56:b1:ab:7d:ed:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 23 00:50:06 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=b14a583160b133595ab3e5d0cd64cb0287ee31dea00270bda7b92ac418df6bb3, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:98:c4:ab:1e:36:2f:13:66:04:07:cf:93:b4:
60:d1:5f:26:c7:54:cf:2c:04:85:02:f5:24:fe:d6:
59:40:36:90:26:03:9d:3e:99:53:d6:94:a5:97:50:
8c:81:37:fd:6e:61:7a:7e:e7:b4:86:ca:3d:9d:92:
20:4e:ee:b0:5b:62:ec:86:05:98:82:2f:64:39:14:
33:86:87:6c:cd:e8:be:91:4e:72:8b:a8:e5:56:54:
fe:a4:6b:02:95:e7:38:e9:83:ac:b1:28:ed:11:b3:
0f:94:d8:36:f7:2c:3f:b6:49:d7:4d:5b:19:63:c9:
6d:b9:21:ff:1f:20:2a:6d:9d:0d:a7:8c:b0:f4:d3:
ce:f3:02:42:f5:12:b0:85:05:0b:f3:a4:30:70:01:
26:3c:f7:72:64:14:48:8c:68:71:3d:87:e7:06:0f:
e6:3c:14:f3:73:04:3c:32:90:e3:22:74:34:21:32:
92:e1:86:ec:42:63:cd:e4:12:6e:bb:18:f2:b5:c1:
38:a6:13:40:6e:04:f9:ae:48:60:0a:b3:33:67:31:
8c:e6:df:43:ca:75:e5:0f:eb:7f:75:35:30:7a:82:
a6:20:1b:67:61:a9:b3:9c:12:93:75:4e:f4:ab:c2:
a7:44:f2:eb:8c:9f:f7:54:18:11:91:75:d1:77:04:
e5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:9B:32:C9:C2:05:0D:78:52:0A:3B:4F:EE:60:64:D3:CD:C1:7C:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e3a0b200-3f16-4eb7-aa0a-fccc46a9092b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
a8:cf:74:80:04:88:5c:17:1c:2e:59:7b:8e:6a:af:9a:2d:1d:
79:b6:e0:fe:ce:ff:7c:ea:f3:8f:f0:a9:39:3c:b0:72:19:00:
51:c9:68:db:30:40:07:a0:95:74:96:59:a4:59:71:c5:89:54:
6c:65:cd:65:c3:ac:ea:3f:11:eb:68:08:0c:9a:c5:1f:8a:72:
68:79:4e:c9:a4:61:f8:b1:d3:e0:1e:9e:a8:cc:c5:a4:0f:42:
5b:b4:2f:1a:d7:62:02:0d:65:2e:5c:27:81:8e:b8:94:28:1a:
19:37:34:0e:97:c8:f8:92:4b:f4:91:6b:c8:43:79:ef:63:ea:
d2:be:1e:2b:97:1f:ef:be:76:62:e5:98:cc:d8:3b:c2:3e:53:
10:81:60:03:85:c3:cc:a6:a0:af:45:fd:bf:57:cd:86:9f:c5:
5d:e7:e0:85:46:9a:e9:08:27:89:fc:32:2d:fc:88:97:f5:fb:
ff:16:07:3b:77:67:44:77:17:df:71:5a:11:ce:47:f3:07:c3:
02:a8:3a:ad:6b:6f:a2:79:51:c9:13:38:78:47:4b:de:9b:16:
cf:a9:88:1e:97:44:62:b3:69:cf:22:64:d6:f6:ac:50:51:2f:
90:a0:ee:4e:04:2b:b6:de:8d:10:b7:c3:80:9e:6c:4a:a7:e3:
53:64:2e:f3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGGXbO+BEr4lgbBGoNKhWsat97b4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjMwMDUwMDZaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxNGE1ODMxNjBiMTMzNTk1YWIzZTVkMGNkNjRjYjAyODdlZTMxZGVhMDAy
NzBiZGE3YjkyYWM0MThkZjZiYjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOYxKseNi8TZgQHz5O0YNFfJsdUzywEhQL1JP7WWUA2kCYDnT6ZU9aUpZdQ
jIE3/W5hen7ntIbKPZ2SIE7usFti7IYFmIIvZDkUM4aHbM3ovpFOcouo5VZU/qRr
ApXnOOmDrLEo7RGzD5TYNvcsP7ZJ101bGWPJbbkh/x8gKm2dDaeMsPTTzvMCQvUS
sIUFC/OkMHABJjz3cmQUSIxocT2H5wYP5jwU83MEPDKQ4yJ0NCEykuGG7EJjzeQS
brsY8rXBOKYTQG4E+a5IYAqzM2cxjObfQ8p15Q/rf3U1MHqCpiAbZ2Gps5wSk3VO
9KvCp0Ty64yf91QYEZF10XcE5QcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR8mzLJ
wgUNeFIKO0/uYGTTzcF82DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTNhMGIyMDAtM2YxNi00ZWI3LWFhMGEtZmNjYzQ2YTkwOTJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEAqM90gASIXBccLll7jmqvmi0debbg/s7/fOrzj/Cp
OTywchkAUclo2zBAB6CVdJZZpFlxxYlUbGXNZcOs6j8R62gIDJrFH4pyaHlOyaRh
+LHT4B6eqMzFpA9CW7QvGtdiAg1lLlwngY64lCgaGTc0DpfI+JJL9JFryEN572Pq
0r4eK5cf7752YuWYzNg7wj5TEIFgA4XDzKagr0X9v1fNhp/FXefghUaa6Qgnifwy
LfyIl/X7/xYHO3dnRHcX33FaEc5H8wfDAqg6rWtvonlRyRM4eEdL3psWz6mIHpdE
YrNpzyJk1vasUFEvkKDuTgQrtt6NELfDgJ5sSqfjU2Qu8w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:35:29 2025 by rpki-client